author | Victor Zagorodny <vzagorodny@gitlab.com> | 2019-04-29 23:45:05 +0300 |
---|---|---|
committer | Victor Zagorodny <vzagorodny@gitlab.com> | 2019-04-29 23:47:00 +0300 |
commit | 30ce01c2f45ccc9288d806d8e071d77005717802 (patch) | |
tree | 2f81059746cf9d86bf7a37bacbd6eded18994fc4 | |
parent | da9859d7ee8091e1cab9e10c5125dab75ffe34c0 (diff) | |
Make propagate_env_vars scan regex more secure10694-propagate-env-vars-for-gitlab-own-ci-sast-depscan-ce
-rw-r--r-- | .gitlab/ci/reports.gitlab-ci.yml | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/.gitlab/ci/reports.gitlab-ci.yml b/.gitlab/ci/reports.gitlab-ci.yml
index 2e925d58a87..d0e09dbf2f8 100644
--- a/.gitlab/ci/reports.gitlab-ci.yml
+++ b/.gitlab/ci/reports.gitlab-ci.yml
@@ -31,7 +31,7 @@ sast:
 CURRENT_ENV=$(printenv)
 for VAR_NAME; do
- echo $CURRENT_ENV | grep $VAR_NAME > /dev/null && echo "--env $VAR_NAME "
+ echo $CURRENT_ENV | grep "${VAR_NAME}=" > /dev/null && echo "--env $VAR_NAME "
 done
 }
 - export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
@@ -75,7 +75,7 @@ dependency_scanning:
 CURRENT_ENV=$(printenv)
 for VAR_NAME; do
- echo $CURRENT_ENV | grep $VAR_NAME > /dev/null && echo "--env $VAR_NAME "
+ echo $CURRENT_ENV | grep "${VAR_NAME}=" > /dev/null && echo "--env $VAR_NAME "
 done
 }
 - | |
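Review bot: The new test `grep "${VAR_NAME}="` in the sast hunk is still an unanchored regex match over the whole environment, which the unquoted `echo $CURRENT_ENV` has flattened onto one line. A name therefore still matches when it is only the tail of another variable's name, or when `NAME=` appears inside some variable's value, and adding `^` would not help on single-line input. Asking for the variable directly is exact and needs no pattern: `printenv "$VAR_NAME" > /dev/null && echo "--env $VAR_NAME "`. The identical line in the dependency_scanning hunk should change with it. The enclosing function begins above both hunks, so how its output is consumed is not visible here.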